Results 1 to 4 of 4
  1. #1
    Untanglit
    Join Date
    Jan 2016
    Posts
    28

    Default ByPass Untanlge Filtering

    Hi,

    I would like to ask on how to stop people from bypassing untangle server through vpn / tor and some other bypass software.

    Thank you.

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Most people handling this by
    1) flagging when these are in use and then punishing users (through some other means)
    2) just block those tool/sites/protocols.

    #1 is the easiest.
    #2 can be done, but if they know you are blocking them you will have to be on top of detecting and blocking new tools/sites whatever methods they may use.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Jan 2016
    Posts
    28

    Default

    Hi dmorris,

    Thank you for your advice.
    However, how would I able to block some of the tools which are not listed in the Application Control list?

  4. #4
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,146

    Default

    SAINS_Justin.

    You can attack it on different layers think of Application Control to be on IOS layer 7.
    That module uses signatures and will always be behind if you have default pass and just block known protocols and signatures.

    If you use other modules (Firewall) you can go down to layer 3 and just directly block the session form ever being build.

    So there are two schools
    1: Default Pass and then block all known Protocols/Applications/Firewall rules that you know.
    This will always leave a opening that users can use with new applications or again new networks so you will have to log analyse and "fight" the users

    2: Default Block on everything and Whitelist Sites/Applications/Firewall that you know your organisation need for it business.
    This works well but if the organisations has a open policy that users should be able to access internet "freely" you will have a ton of work adding to your whitelists and trouble shooting as other services changer there behavior so that they don't match the current whitelist.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2